is it normal that a pdf document which has been encrypted with an owner password only (no user password) can be decrypted by passing an empty password ?

Yes. It is common case when owner password used to prevent document modification (or to set other permissions), in this case user password is an empty string, so Adobe Acrobat could open it like a normal document.
In case if owner password will be an empty string, then user password will be used as owner password.

so what's the utility of the owner password if you can decrypt and modify permissions (or maybe even owner password ?) by passing an empty password without knowing the original owner password ?

Well, you can decrypt and remove permissions with user password only (omit owner password) using SecureBlackbox, but you can't do this with Adobe Acrobat. It is Adobe security...
In program, if you want, you can achieve the same functionality as Adobe checking permissions and password type.

We use cookies to help provide you with the best possible online experience. By using this site, you agree that we may store and access cookies on your device. You can find out more about and set your own preferences here.